From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.1 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=altlinux.org; s=dkim; h=Subject:In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=enHJ82crDX3KlDn4ToXIEMwLqcDYxv6IcR2HfMaLIUY=; b=fLi4IGvBHbhapNB3LW4EItP9Z0 kOEO5RIalSyR3/uzOFPa0F63RN1ZVwXlSqZE1FiMRL+EPNa+1xdhDyq2qijS9/5VaBQNtx8/KIgFt NilMX50UsMNZ8wuXLlhxgAlrRBAhrtNnRM1A7i0l33jLt/n/EEYMMXJLPk7AukUEAFGVPWNhDe1ry lBpIXmio19XAxnPY/J430DbgoHNyvfB+oEDLYqR2UoRrpVOY6dXm4NIUB/v/7L0wuU9D6SVPvODnu 2o6bG1IGaApv/nodMcO3kNa7Oa/95I3q2/n2OjJjGre0gp0xkhcXRFIweeoVkoPYDI4deG7lcMdkg p6z/Ao5w==; Date: Fri, 2 Oct 2020 00:53:45 +0300 From: Arseny Maslennikov To: ALT Linux Team development discussions Message-ID: <20201001215345.GE1037402@cello> References: <20200917130935.GA286846@cello> <20201001172111.owhjozg4pqagbtll@comp-core-i7-2640m-0182e6> <20201001174400.GA1037402@cello> <20201001200129.x6z5whtbuhpxjr2v@comp-core-i7-2640m-0182e6> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="wTWi5aaYRw9ix9vO" Content-Disposition: inline In-Reply-To: <20201001200129.x6z5whtbuhpxjr2v@comp-core-i7-2640m-0182e6> OpenPGP: url=http://grep.cs.msu.ru/~ar/pgp-key.asc X-SA-Exim-Connect-IP: 37.204.119.143 X-SA-Exim-Mail-From: arseny@altlinux.org X-SA-Exim-Version: 4.2.1 X-SA-Exim-Scanned: Yes (on mail.cs.msu.ru) Cc: ldv@altlinux.org Subject: Re: [devel] [PATCH hasher-priv v1 0/3] Make a daemon from the hasher-priv X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2020 21:53:53 -0000 Archived-At: List-Archive: List-Post: --wTWi5aaYRw9ix9vO Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Oct 01, 2020 at 10:01:29PM +0200, Alexey Gladkov wrote: > On Thu, Oct 01, 2020 at 08:44:00PM +0300, Arseny Maslennikov wrote: > > On Thu, Oct 01, 2020 at 07:21:11PM +0200, Alexey Gladkov wrote: > > > On Thu, Sep 17, 2020 at 04:09:35PM +0300, Arseny Maslennikov wrote: > > > > On Fri, Dec 13, 2019 at 12:42:02PM +0100, Alex Gladkov wrote: > > > > > From: Alexey Gladkov > > > > >=20 > > > > > The hasher-priv is a SUID utility. This is not good. Separation o= f the > > > > > server and client parts will allow us to remove SUID flag. > > > > >=20 > > > > > The separation of server and client is not intended to give clien= ts > > > > > access over the network. This separation is only necessary to dis= tinguish > > > > > privileges. Only UNIX domain socket is used. > > > > >=20 > > > > > A separate session process is created for each connected user. Ea= ch such > > > > > process ends after a certain period of inactivity. > > > >=20 > > > > Thank you for trying this idea out; despite the trolling attempts, = this > > > > effort is long welcome. > > >=20 > > > I created this patchset a long time ago. I've already lost my context= =2E It > > > might be better if you keep working on this patch. > > >=20 > >=20 > > Great! I'd like to work on this further. >=20 > You have asked many questions. I didn=E2=80=99t answer everything because= these > patches are already 5 years old and I can hardly remember what I had in my > head when I did them. Submitting patches to the mailing list was the > second attempt to upstream them. Actually, I was afraid of losing them > altogether, so I merged some of the patches. Originally I had about 10 > patches in a patchset. >=20 > I'm not sure if I have time for this rework. But we can try. So, I guess you won't mind if I would prepare a v2 which fixes some of the issues discussed, based on my repo. We're in no hurry, since Dmitry is currently away for the next couple of weeks. > We can > discuss the hasher-privd in russian if you like :) I'm personally fine with both english and russian; looks like you're too. The remaining concerns are: * if everyone else interested can respond and continue the conversation * if the community around hasher ever goes international. I responded in english, since the patch messages were in english, and in that case I usually take the (nowadays rare with covid) opportunity to practice. =D0=95=D1=81=D0=BB=D0=B8 =D0=B6=D0=B5 =D1=82=D0=BE, =D0=BD=D0=B0 = =D1=87=D1=82=D0=BE =D1=8F =D0=BE=D1=82=D0=B2=D0=B5=D1=87=D0=B0=D1=8E, =D0= =BF=D0=B8=D1=88=D1=83=D1=82 =D0=BF=D0=BE-=D1=80=D1=83=D1=81=D1=81=D0=BA=D0= =B8, =D1=82=D0=BE =D0=B8 =D0=BE=D1=82=D0=B2=D0=B5=D1=87=D0=B0=D1=82=D1=8C, =D0=BD=D0=B0=D0=B2=D0=B5=D1=80=D0=BD=D0=BE=D0=B5, =D1=81=D0=BB=D0=B5=D0=B4= =D1=83=D0=B5=D1=82 =D1=82=D0=BE=D0=B6=D0=B5 =D0=BF=D0=BE-=D1=80=D1=83=D1=81= =D1=81=D0=BA=D0=B8. =D0=95=D1=81=D0=BB=D0=B8 =D0=B2=D0=B4=D1=80=D1=83=D0=B3 =D1=87=D1=83=D0=B2= =D1=81=D1=82=D0=B2=D1=83=D0=B5=D1=82=D0=B5, =D1=87=D1=82=D0=BE =D0=BB=D1=83= =D1=87=D1=88=D0=B5 =D0=BF=D0=BE-=D1=80=D1=83=D1=81=D1=81=D0=BA=D0=B8, =D0= =BC=D0=BE=D0=B6=D0=B5=D1=82=D0=B5 =D0=BD=D0=B0 =D1=80=D1=83=D1=81=D1=81=D0= =BA=D0=B8=D0=B9 =D0=BF=D0=B5=D1=80=D0=B5=D0=BA=D0=BB=D1=8E=D1=87=D0=B0=D1= =82=D1=8C=D1=81=D1=8F. =D0=9D=D1=83 =D0=B8 =D0=B8=D0=BD=D0=BE=D0=B3=D0=B4=D0=B0 =D0=BF=D0=B8=D1=88= =D0=B5=D1=88=D1=8C =D1=87=D1=82=D0=BE-=D1=82=D0=BE =D0=BF=D0=BE-=D1=80=D1= =83=D1=81=D1=81=D0=BA=D0=B8 =D0=B2 =D0=BD=D0=B5=D0=BA=D0=BE=D1=82=D0=BE=D1= =80=D1=8B=D0=B9 =D0=BF=D1=80=D0=BE=D1=84=D0=B5=D1=81=D1=81=D0=B8=D0=BE=D0=BD=D0=B0=D0=BB=D1= =8C=D0=BD=D0=BE-=D1=82=D0=B5=D1=85=D0=BD=D0=B8=D1=87=D0=B5=D1=81=D0=BA=D0= =B8=D0=B9 =D1=80=D0=B0=D0=B7=D0=B3=D0=BE=D0=B2=D0=BE=D1=80, =D0=B0 =D0=B2 = =D1=80=D0=B5=D0=BF=D0=BB=D0=B8=D0=BA=D0=B5 =D1=81=D1=82=D0=BE=D0=BB=D1=8C= =D0=BA=D0=BE =D0=BE=D0=BA=D0=B0=D0=B7=D1=8B=D0=B2=D0=B0=D0=B5=D1=82=D1=81= =D1=8F =D0=BD=D0=B5=D0=BF=D0=B5=D1=80=D0=B5=D0=B2=D0=BE=D0=B4=D0=BD=D1=8B=D1=85 = =D1=82=D0=B5=D1=80=D0=BC=D0=B8=D0=BD=D0=BE=D0=B2 =D0=B8 =D1=81=D0=BE=D0=B1= =D1=81=D1=82=D0=B2=D0=B5=D0=BD=D0=BD=D1=8B=D1=85 =D0=B8=D0=BC=D1=91=D0=BD, = =D1=87=D1=82=D0=BE =D1=83=D0=B6 =D0=BB=D1=83=D1=87=D1=88=D0=B5 =D0=BF=D0=BE= -=D0=B0=D0=BD=D0=B3=D0=BB=D0=B8=D0=B9=D1=81=D0=BA=D0=B8 =D0=B1=D1=8B =D0=BF= =D0=B8=D1=81=D0=B0=D0=BB. :) >=20 > > > > There are some issues with the patchset, which I intend to cover in > > > > subsequent emails. I have published[1] some fix-up commits on top of > > > > these patches in an attempt to ensure that, barring the issues with= a > > > > known fix, this works; however, some bugs are definitely still unso= lved > > > > by now, so I decided to discuss the more apparent points first. > > > >=20 > > > > [1] http://git.altlinux.org/people/arseny/packages/hasher-priv.git?= a=3Dsummary > > >=20 > > > It looks like you've already started working on finalizing this patch= :) > > >=20 > > > > There's an issue when hasher-privd tries to fulfill a chrootuid{1,2} > > > > request: the (eventually) unprivileged task executor process > > > > successfully invokes waitpid() or the likes on a child process, > > > > select()s on I/O descriptors, but gets CHLD later =E2=80=94 and it = looks like > > > > the inherited signal handler causes it to wait again. > > >=20 > > > Hm... > > >=20 > > > > I've not yet found a decent reproducer =E2=80=94 the following comm= and: > > > > `hsh-shell $workdir' > > >=20 > > > There is no such command. You need to send command to run /bin/sh. > >=20 > > Yes, there's no such IPC command, I was referring to a shell command run > > in the host system by the caller user. > >=20 > > >=20 > > > > reproduces the issue reliably for me, but hsh-mkchroot, hsh-rmchroo= t, > > > > hsh-install are all OK. The root cause nevertheless is not yet > > > > established. It looks like this has to be patched somewhere in > > > > chrootuid(), but I might be wrong on this one. > > > >=20 >=20 >=20 >=20 > --=20 > Rgrds, legion >=20 > _______________________________________________ > Devel mailing list > Devel@lists.altlinux.org > https://lists.altlinux.org/mailman/listinfo/devel --wTWi5aaYRw9ix9vO Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE56JD3UKTLEu/ddrm9dQjyAYL01AFAl92T94ACgkQ9dQjyAYL 01AUwBAAqMgNFKDdMzC2xFMJ9GvsbTGwokpRgMfIhcaGqGDmkRN1LQZ1lpZbdya2 PiXhi6E3jHZ5Vj26d9O7fWii7CttMkrE4+9XC805F5yaIrYtdmRQA/6LZ0nFRh5c Rsw78s4J3i6qpSKBgLvdkRzAMYxdN29p7bmVdZu4ujJ9dZualaOv2c9YmDtIxW72 9e+DqRd7QHX5Pj/CgARnVW6/FK7+Pu5iPhY+WDNBZwOFfGfCcDDyZcOQb31OOMhQ wDzOgrXi1eS++iEtQJedEQt466QPN3wLHHxi2eaTDNAS5rYCVPwj/d52Vx8o9rK9 8BxaeqKf68S/9EIHGJtwzqVUoIoSqOEYQy5sJnaLbIdKioWgzQywTVUlTEQ1y01c dTMpEAGFtxflOONARkKOkbGLGCyhS+ubEVstH13UprzZsQN6qUUPbRnr55WDhQB9 BwIFjDKVtVtX2UZOpsz/L2WjDOTDyRzeFF6m+gI+PZSFm2qGyB3hgK66VNW8C50s eJvnhEZMOGcrhNziwAbxBDOuAh8+s7kSgkjxMDt1PO9gH4AOts8MmlobS5dcK/zb gTlPqJRmYf8kZauFHnxpaHfOY+rBSRpCawEHrsCQQe05+yy9QrL9lU+uMYyytDjn N5SkfxlraUBrDcMia3z0d2TBnFBpBspdC6udOKzW37lpCJ2WDSk= =ahlO -----END PGP SIGNATURE----- --wTWi5aaYRw9ix9vO--